... and this is a bad use case for a general purpose OS. It also doesn't store data but rather a seed used to generate keys to access data. The passphrase is appended to the seed phrase before deriving the main key from it. Encrypting it with the passphrase would be a downgrade.
Conversation
You linked to a post about a physical attack vector on an SoC which is entirely applicable to a Linux installation. The post is also dishonest and pushing misinformation, but you're misunderstanding it if you think Linux is better. Linux is far more vulnerable to the same attack.
1
The mitigations implemented in the Trezor firmware against the attack wouldn't be present, and there would be drastically more attack surface. An attacker could much more easily gain code execution. An air gap doesn't remove online attack vectors at all.
1
It still needs to be kept updated too, and there would be massive attack surface simply for that. Simple update verification, full verified boot and downgrade protection with minimal state are important. The entire point is not having the attack surface of a general purpose OS.
1
1
I think you're just misinterpreting that post and drawing the wrong conclusions. It's about a hardware attack, and a general purpose computer running Linux is far more vulnerable to the same kind of attacks. It ignores the passphrase feature and is unnecessarily dishonest too.
2
1
1) Aside from technical comparisons guys. The main drawback of the hype is in its real-world-usage. In the non-tech attack surface. While "shitty linux" computer is multipurpose tool, a low-value-target, the Trezor is a single purpose HVT. Your home address and payment..
1
2) ..details lead to your RL persona, giving the attacker answer on who, when, where, what and how. Once you are reasonably interesting, 5$ wrench technique can be applied by an attacker.
The "shitty linux" user is not visible, and remains happily shitty 🤔
1
It can be purchased with Bitcoin using a pseudonym and you aren't forced to send it to your home address.
It has a strong mitigation against attacks based on coercion via the passphrase feature. Every passphrase is valid and leads to a different key (i.e. different wallets).
2
I don't understand your proposed threat model anyway. You're suggesting that there will be a sophisticated targeted attack involving an attacker spying on you to the extent that they are aware of your purchase and target you. In that case, they would target a laptop too...
3
It all depends on your threat model, trust model and adversary you calculate with.
For me the best security tech solution, doesnt mean the best security solution.
This is the main drawback of things like Trezor and hype around it. It can create false magic sec feeling.
1
It does depend on your threat model, and the one you're trying to come up with hasn't made much sense.
There's definitely a false magic security feeling in this thread about Linux and laptops. I'm unsure what hype you're talking about or how using a decent tool is a bad thing.
No, it is not Daniel, it makes perfect sense. Multipurpose free tool used anonymously, CAN be considered safer than the single purpose HVT tool aquired (mostly) publicly, drawing target on your forhead.
p.s. did you hear about TAO? ☺
1
The proposed approach is objectively far less secure against an online attack, offline attack and coercion. A targeted attack on an individual is easier with a laptop. Your only argument is your theory that a supply chain attack on Trezor is more likely than $LAPTOP_VENDOR.
2
1
Show replies